Cybersecurity Specialist, GRC

The incumbent will be part of the Governance and Compliance team to conduct compliance checks to ensure security controls are in place to meet regulatory requirements.

• Identify potential risks that will impact the organization and recommend action plans to reduce the risks.
• Conduct red/ purple teaming exercise to Business Continuity Plan (BCP) and Disaster Restoration Plan. (DRP) are well documented and communicated.
• Develop policies, standards and guidelines to ensure safety of assets in adherence to business needs, industrial best practices and regulatory requirements.
• Conduct security awareness trainings and cybersecurity exercises.
• Provide security advisory and consultancy to cybersecurity projects.
• Undertake projects and activities that address Cyber risks.
• Other ad-hoc tasks assigned.

Requirements:

• Degree in Cyber Security, Information Technology or related fields with 1- 3 years of relevant experience in a cyber security operations or GRC roles.
• CISSP/CISM/CISA/CEH/ CGEIT/CRISC/AWS or equivalent certification.
• Strong IT background with expert-level knowledge of multiple security practices (Email security solutions, vulnerability management, network security (firewall, IPS/IDS, SIEM, threat intelligence, etc.)
• Knowledge on CSA Code of Practice (CCoP), ISO27001 and IEC62443, NIST Cybersecurity Framework
• Experience in Threat detection, Penetration testing and red teaming.
• Knowledge in Network, Web Security and Application Security would be highly valued
• Experience with information security tools (SIEM, anti-virus tools etc.).
• Experience in forensics and incident management.
• Ability to work under pressure.
• Self-motivated, a good team player and strong ability to multi-task
• Excellent verbal and written communication, presentation and analytical skills